An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash.
Fixes

Solution

No solution given by the vendor.


Workaround

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-09-26T06:28:34.907Z

Reserved: 2024-02-12T11:47:40.549Z

Link: CVE-2024-1441

cve-icon Vulnrichment

Updated: 2025-04-11T22:03:17.504Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-03-11T14:15:06.917

Modified: 2025-04-11T22:15:29.113

Link: CVE-2024-1441

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-03-01T00:00:00Z

Links: CVE-2024-1441 - Bugzilla

cve-icon OpenCVE Enrichment

No data.